Office of Inspector General. Annual Report for Fiscal Year

Similar documents
FLORIDA OFFICE OF EARLY LEARNING OFFICE OF INSPECTOR GENERAL Annual Report for Fiscal Year

Inspector General. Office of. Annual Report Fiscal Year Retirement Human Resource Management People First State Group Insurance

Office of. Inspector General. Ser v c e s A N N U A L R E P O R T. Charlie Crist, Governor Linda H. South, Secretary

Florida State Courts System Office of Inspector General. Annual Report Fiscal Year

July 12, Dear General Calhoun:

DEPARTMENT OF BUSINESS AND PROFESSIONAL REGULATION. Office of Inspector General

fjw~ EdW. J~an Inspector General ~L~"F!oriaa! Dr. Eric J. Smith 325 West Gaines Street, Suite 1514 Tallahassee, Florida

REPORT NO JUNE 2013 BOARD OF GOVERNORS OFFICE OF INSPECTOR GENERAL S INTERNAL AUDIT ACTIVITY. Quality Assessment Review

AUDIT PLAN FOR FISCAL YEAR 2017 TEXAS FACILITIES COMMISSION

REPORT OF THE OFFICE OF THE INSPECTOR GENERAL

TEXAS WORKFORCE COMMISSION LETTER. ID/No: Regulatory Integrity Date: August 17, 2009

Kansas Department of Commerce Workforce Services Policy and Procedures Manual

Justification Review

AMENDED ANTI-FRAUD PLAN FOR AVMED, INC. Amended November 2014

UNION PACIFIC CORPORATION AUDIT COMMITTEE OF THE BOARD OF DIRECTORS CHARTER

Lee County Board of County Commissioners 2018 Annual Audit Plan

DIVISION OF INSPECTOR GENERAL. Audit Services & Public Integrity Units 2010 ANNUAL REPORT

Whistleblower Program

Core Principles of Financial Management. Webinar 1

Updated 07/07/2018 ID 19, Page 1 of 6

SIX MONTH STATUS REPORT April 1, 2018 September 30, John A. Carey, Inspector General

Fiscal Year 2018/2019 Annual Audit Plan

WIPO General Assembly

Department of Children and Families. Office of Inspector General

2017-AP-0001 Fiscal Year 2017 Annual Risk Assessment and Audit Plan

Office of Inspector General University of South Florida

Examples/Suggestions: How Inspectors General/Internal Auditors Present Themselves/Their Work John A. Carey INSPECTOR GENERAL

Revisions to Whistleblowing Policy

The IG s Role in Promoting Ethics in Government John A. Carey INSPECTOR GENERAL

SOMERVILLE HOUSING AUTHORITY ANTI- FRAUD POLICY. April 3, 2013

Office of the City Auditor 2018 Annual Work Plan and Long Term Audit Plan

SIX MONTH STATUS REPORT October 1, 2016 March 31, John A. Carey, Inspector General

AUDITOR GENERAL STATE OF FLORIDA G74 Claude Pepper Building 111 West Madison Street Tallahassee, Florida

XI Meeting of Central Bank Internal Auditors

OFFICE OF INSPECTOR GENERAL

Board of Barber and Cosmetologist Examiners. Internal Control and Compliance Audit July 1, 2004, through June 30, 2008

OFFICE OF INSPECTOR GENERAL City of Chicago

What is a Compliance Program?

Annual Report of Internal Audit Activities Fiscal Year 2016

Enhancing Public Trust in Government

MARTIN MARIETTA MATERIALS, INC. AUDIT COMMITTEE CHARTER

Annual Report of Internal Audit Activities Fiscal Year 2017

Administrative Review Investigations Internal Audit Security & Emergency Management

OFFICE OF INSPECTOR GENERAL City of Chicago

CSB s Fiscal Year 2014 Purchase Card Program Assessed as High Risk

INTERNAL AUDIT PLAN OF ACTIVITIES

Office of Inspector General. Regional Enforcement Efforts and Priorities in Florida. South Atlantic Regional Conference January 28, 2011

Medicare Part D: Retiree Drug Subsidy

Fraud Risk Assessment CARRIE KENNEDY, PARTNER DUSTIN BIRASHK, PARTNER

CITIGROUP INC. AUDIT COMMITTEE CHARTER As of March 21, 2012

SIX MONTH STATUS REPORT October 1, 2016 March 31, John A. Carey, Inspector General

CHARTER OF AUDIT COMMITTEE OF THE BOARD OF DIRECTORS (as amended through November 13, 2012)

Audit Report 2018-A-0001 City of Lake Worth Water Utility Services

Whistle Blowing. Raising Concerns

MyFloridaMarketPlace

FHA-Lender ENGAGEMENT LETTER

AUDIT COMMITTEE CHARTER. Purpose

Advisory. Connecticut False Claims Act: A New Arrow in the Quiver of State Regulators

INTERNATIONAL PAPER COMPANY

Region 10 PIHP FY Corporate Compliance Program Plan

OFFICE OF THE INSPECTOR GENERAL FISCAL YEAR 2019 BUDGET TESTIMONY

KAREN E. RUSHING. FOLLOW UP of. Tourist Development Tax. Visit Sarasota County

MENTAL HEALTH MENTAL RETARDATION OF TARRANT COUNTY. Board Policy. Number A.3 July 31, 2001 COMPLIANCE PLAN

STATE OF FLORIDA DEPARTMENT OF STATE. Minority, Women-owned, and Service-disabled Veteran Business Participation Plan ( )

The principal purposes of the Audit Committee (Committee) of the Board of Directors (Board) of Vistra Energy Corp.

January 22, Re: Auditor General Report No Dear Ms. Norman:

NORTH CAROLINA DEPARTMENT OF AGRICULTURE AND CONSUMER SERVICES

Law Enforcement Focus on Energy Programs and Compliance

April 2015 FC 158/12 E. Hundred and Fifty-eighth Session. Rome, May Anti-Fraud and Anti-Corruption Policy

FLORIDA DEPARTMENT OF FINANCIAL SERVICES DIVISION OF AGENT AND AGENCY SERVICES

O L A. Iron Range Resources Loans to Excelsior Energy, Inc. OFFICE OF THE LEGISLATIVE AUDITOR STATE OF MINNESOTA. Special Review

AUDITOR GENERAL STATE OF FLORIDA

Gulf County, Florida Supervisor of Elections

PRESENTED TO HOUSE COMMITTEE ON APPROPRIATIONS SUBCOMMITTEE ON ARTICE II MARCH 2018 LEGISLATIVE BUDGET BOARD STAFF

1. Purpose. 2. Membership and Organizations. Canadian Imperial Bank of Commerce Audit Committee Mandate

Texas Workforce Commission

Suffolk Care Collaborative. Compliance Program. And. Compliance Guidelines

Webinar 1 - Financial Management

RESPONSIBLE REPORTING OF AND RESPONDING TO COMPLIANCE / ETHICS CONCERNS

March 4, 2015 To the Board Members of the Housing Finance Authority of Pinellas County and Kathryn Driver, Executive Director We are pleased to

OPPAGA provides objective, independent, professional analyses of state policies and services to assist the Florida Legislature in decision making, to

E Distribution: GENERAL FINANCIAL AND BUDGETARY MATTERS. Agenda item 5 REPORT OF THE OFFICE OF THE INSPECTOR-GENERAL ( ) For consideration

According to the City s Code of Ethics, Administrative Regulation 1.1 section III (B):

STATE OF NORTH CAROLINA

REPORT NO DECEMBER 2011 UNIVERSITY OF NORTH FLORIDA. Operational Audit

SIX MONTH STATUS REPORT October 1, 2015 March 31, 2016

Recovery Accountability and Transparency Board Final Report to Congress on Activities Related to Hurricane Sandy Funds May 2015

AVERY DENNISON CORPORATION AUDIT AND FINANCE COMMITTEE CHARTER *

Texas Facilities Commission. Internal Audit Annual Report. Fiscal Year 2017

Office of Inspector General. City of New Orleans 2012 ANNUAL REPORT. Submitted pursuant to City Code (9) January 24, 2013

Capital Improvement Projects

SELF-DISCLOSURE PROTOCOL

Grant Fraud. Leslie Les Hollie Assistant Inspector General For Investigations

Class Objectives. 14-Mar-18 WASHINGTON STATE UNIVERSITY. Whistleblower Act 1. State Whistleblower Act

FEDERAL HOUSING FINANCE AGENCY OFFICE OF INSPECTOR GENERAL

AUDIT AND FINANCE COMMITTEE Wednesday, December 16, 2009

Compliance Concerns: Reporting, Investigating, and Protection from Retaliation

Hundred and Thirty-fourth Session. Rome, October WFP Anti-Fraud and Anti-Corruption Policy

EXECUTIVE OFFICE OF THE GOVERNOR

Gulf County, Florida Supervisor of Elections

Transcription:

Annual Report for Fiscal Year 2016-2017 Report Number: S-1718-16 September 29, 2017 Eric M. Larson State CIO/Executive Director Tabitha A. McNulty Inspector General

Rick Scott Governor State of Florida Agency for State Technology 4050 Esplanade Way, Suite 115 Tallahassee, FL 32399-0950 Tel: 850-412-6050 Eric M. Larson State CIO/Executive Director Tabitha A. McNulty Inspector General September 29, 2017 Eric M. Larson, State CIO/Executive Director Agency for State Technology 4050 Esplanade Way, Suite 115 Tallahassee, Florida 32399-0905 Eric W. Miller, Chief Inspector General Executive Office of the Governor The Capitol, Suite 1902 Tallahassee, Florida 32399-0001 Dear State Chief Information Officer Larson and Chief Inspector General Miller: I am pleased to submit the s Annual Report for the fiscal year ending June 30, 2017, as required by section 20.055, Florida Statutes. This report highlights the accomplishments, findings, and recommendations of activities completed during the 2016-2017 fiscal year. I look forward to continuing to work with both of you and the opportunities the current fiscal year presents as we move forward in ensuring accountability, integrity, efficiency, and effectiveness in fulfilling the Agency s mission and strategic goals. Thank you for your continued support of the Agency s. Sincerely, Tabitha A. McNulty, CISA, CIG, CIGA Inspector General TAM cc: Sherrill F. Norman, CPA Florida Auditor General

Table of Contents Introduction and Background... 1 Agency for State Technology Responsibilities... 1 Responsibilities... 2 Organizational Profile... 3 Staff Qualifications... 3 Continuing Professional Education and Development... 3 Major Functions within the... 4 Investigations... 4 Internal Audit... 5 Accomplishments... 6 Summary of Projects... 6 Audit Activities... 6 Investigation Activities... 7 Other Items... 7 Annual and Long-term Work Plans... 8 Annual Work Plan... 8 Long-term Work Plan... 10 S-1718-16 Page i

Introduction and Background Section 20.055, Florida Statutes, requires that each Governor s agency inspector general submit to the agency head and the Chief Inspector General an annual report, no later than September 30 of each year. The report summarizes activities during the preceding state fiscal year. The report includes, but is not limited to the following: Summary of each audit and investigation completed during the reporting period; Description of significant abuses and deficiencies relating to the administration of programs and operations of the agency disclosed by investigations, audits, reviews, or other activities during the reporting period; and Description of recommendations for corrective action made by the Office of Inspector General (OIG) during the reporting period with respect to significant problems, abuses, or deficiencies identified. This report is presented to the State Chief Information Officer/Executive Director (State CIO) and the Chief Inspector General in accordance with the statutory requirement. Agency for State Technology Responsibilities The Agency for State Technology (Agency) was created in July 2014 and consolidated the Northwood and Southwood Shared Resource Centers to become the State Data Center. The Agency was given the following duties and functions: Develop and publish information technology policy for the management of the state s information technology resources; Establish and publish technology architecture standards and assist state agencies with compliance with the standards; Establish project management and oversight standards for state agencies to use when implementing information technology projects; Perform project oversight on all state agency information technology projects that have a total cost of $10 million or more; S-1718-16 Page 1

Identify opportunities for standardization and consolidation of information technology services; and In collaboration with the Department of Management Services, establish best practices for the procurement of information technology products, and participate in evaluating, conducting and negotiating competitive solicitations for state term contracts for information technology commodities, consultant services, or staff augmentation. Responsibilities The OIG s mission is to assist the State CIO and Agency management in achieving success through technology by using a systematic, disciplined approach to evaluate and improve the effectiveness of the Agency s risk management, controls, and governance processes. The specific statutory duties and responsibilities of the OIG according to section 20.055, Florida Statutes, includes: Assess the reliability and validity of the information provided by the Agency on performance measures, standards, and procedures for evaluating Agency programs; Assess the reliability and validity of performance measures and make recommendations for improvement; Review the actions taken by the Agency to improve program performance and meet program standards, while making recommendations for improvement, if necessary; Provide direction for, supervise, and coordinate audits, investigations, and management reviews relating to the Agency s operations; Conduct, supervise, and coordinate other activities to promote economy and efficiency or designed to prevent and detect fraud, waste, and abuse in the Agency; Keep the State CIO and the Chief Inspector General informed concerning fraud, waste, abuse, and deficiencies in programs and operations administered or financed by the Agency, recommend corrective action, and report on the implementation of the corrective action; Ensure effective coordination and cooperation between the Auditor General, federal auditors and other government bodies, with a view toward avoiding duplication; Review, as appropriate, Agency rules and make recommendations relating to their impact; Ensure that an appropriate balance is maintained between audits, investigations, and other accountability activities; and Comply with the General Principles and Standards for Offices of Inspector General as published and revised by the Association of Inspectors General. S-1718-16 Page 2

Organizational Profile To carry out the duties and responsibilities of the OIG, the inspector general is under the general supervision of the agency head for administrative purposes, and reports to the Chief Inspector General within the Executive Office of the Governor. At the end of the 2016-2017 fiscal year, there was one professional/technical staff person appointed to the office, the agency inspector general. Staff Qualifications The inspector general has background and experience in a variety of disciplines in both the public and private sectors. These disciplines include accounting, auditing, program evaluation, and management. She possesses professional certifications and participates in a number of professional organizations. Below is a summary of certifications and professional organizational affiliations maintained by the inspector general: Professional certifications held include: Certifications Certified Information Systems Auditor (CISA) Certified Inspector General (CIG) Certified Inspector General Auditor (CIGA) The inspector general is affiliated with: Professional Organization Affiliations The Association of Inspectors General ISACA The Institute of Internal Auditors, Inc. Florida Chapter, Association of Inspectors General Tallahassee Chapter, ISACA Tallahassee Chapter, The Institute of Internal Auditors, Inc. Continuing Professional Education and Development The inspector general has a personal responsibility to achieve and maintain the level of competence required to perform the respective duties and responsibilities of the office. The S-1718-16 Page 3

inspector general stays current with trends in internal auditing and investigations to maintain professional proficiency through the membership in these various professional organizations. As required by statute, the OIG performs work in accordance with the International Standards for the Professional Practice of Internal Auditing, as published by The Institute of Internal Auditors, Inc. and/or Principles and Standards for Offices of Inspector General, published by the Association of Inspectors General. These standards require staff to maintain proficiency through continuing professional education and training. The required training hours are met by participating in professional affiliation conferences, webinars, and luncheons. Investigations Major Functions within the Investigations is responsible for management and operation of administrative investigations designed to detect, deter, prevent, and/or eradicate fraud, waste, mismanagement, misconduct, and other abuses involving the Agency s employees, contractors, and vendors. Investigations are conducted in accordance with the Principles and Standards for Offices of Inspector General, published by the Association of Inspectors General. Investigations are usually the result of a complaint or inquiry. Inquiries and complaints regarding Agency activities may be received from many sources, including: Whistle-blower s Hotline, Office of the Chief Inspector General, Executive Office of the Governor, Agency employees, and Others doing business with the agency. A thorough fact-finding investigation determines whether an alleged violation of law, rule, or policy actually occurred. These investigations may include witness(es) and subject interviews, review of documentation, and observations. Allegations are proved, by a preponderance of the evidence. An investigative report is published for all opened investigations and Agency management may use the report for disciplinary or corrective action. When the inspector general receives a complaint without enough specificity to determine whether an investigation should be opened, but it appears serious enough, a preliminary S-1718-16 Page 4

review is conducted in an attempt to acquire additional facts. If enough information in gathered, then the preliminary inquiry may result in an investigation. Internal Audit Internal Audit performs independent, objective audits, reviews, and examinations to provide management with information on the adequacy and effectiveness of the Agency s internal controls and the economy, efficiency, and effectiveness of the Agency programs, activities, and functions. Additionally, the reports identify, report, and recommend corrective actions to improve the Agency s services, activities, and functions. Audits, reviews, and examinations are performed in accordance with the International Standards for the Professional Practice of Internal Auditing, as published by The Institute of Internal Auditors, Inc. These standards provide a framework for ensuring independence, objectivity, and due professional care in the performance of internal audit work. To ensure adequate coverage of the many Agency activities and to support management, internal audit conducts a risk assessment to create an annual audit plan. The assessment ensures that the inspector general is responsive to management s concerns and that those activities with the greatest risks are identified and scheduled for review. However, the State CIO or Chief Inspector General may request the inspector general to perform an audit or review of a program, function, or organizational unit. Additional functions of internal audit are as follows: Conduct Performance Audits to ensure effectiveness, efficiency, and economy of Agency services; Provide Management Assistance Services to advise management on emerging issues and concerns; Coordinate Audit Responses and conduct Follow-up Audits to findings and recommendations made internally by the inspector general or externally by the Auditor General, Office of Program Policy Analysis and Government Accountability (OPPAGA), and other oversight units; Coordinate customer External Audit Requests and responses; and Assist management in the development of Performance Measures and assess the reliability and validity of the Agency s information on performance measurement and standards. S-1718-16 Page 5

Accomplishments During Fiscal Year 2016-2017, the inspector general accomplished the following work: Activity Quantity Complaints Received and Reviewed 10 Investigations Completed 1 External Audits Coordinated 10 Customer s External Audits Coordinated 8 Agency External Audit Findings Reviewed and 9 Closed Performance Audit Completed 0 To accomplish these activities, the inspector general s time resources are shown in the following chart: Administrative Activities 26% TIME RESOURCES Training 7% Audit Activities 40% Leave 16% Investigative Activities 11% Summary of Projects Audit Activities During the fiscal year the inspector general did not issue any audit reports that were consistent with the International Standards for the Professional Practice of Internal Auditing, as published by The Institute of Internal Auditors, Inc. S-1718-16 Page 6

Follow-up to Open Audit Findings and Recommendations The inspector general reviewed and conducted follow-up audit work on reports issued by the Auditor General. These reviews included follow-up on 21 open audit findings and remediation was completed for nine. The inspector general completed the work on the following issued Auditor General reports: State Data Center Operations - Report No. 2017-087 Comprehensive Risk Assessments at Selected State Agencies - Report No. 2017-004 State of Florida Compliance and Internal Controls Over Financial Reporting and Federal Awards - Report 2016-159 State of Florida Compliance and Internal Controls Over Financial Reporting and Federal Awards - Report 2015-166 Investigation Activities Investigative Report I-1516-27 The inspector general received a complaint that a contractor hired by the Agency had allegedly recorded meetings without the meeting attendees knowledge. Based on the allegation, the case was referred to the Florida Department of Law Enforcement (FDLE) for criminal review. After FDLE finished the case, they found no information to support the criminal allegation. Investigative Report I-1617-22 The inspector general received a complaint alleging that an employee did not provide a truthful and accurate accounting of time worked on their timesheet and was using a state issued phone for personal business without reimbursing the state. During the preliminary investigation, the employee resigned from the Agency and the inspector general closed the investigation. Prior to the employee s resignation the employee reimbursed the state for the personal use of the telephone and corrected the timesheet errors. Other Items Computer Security Incident Response Team The inspector general is also required to serve as a member of the Computer Security Incident Response Team (CSIRT) for the Agency. CSIRT is a response unit that performs functions in regard to mitigating and investigating apparent information security incidents to minimize damage to the agency s computer systems, networks, and data. S-1718-16 Page 7

Customer Audit and Investigation Coordination The inspector general is the central point of contact for customers to contact when they have a need for external or internal audit support. During the fiscal year the following agencies requested help or coordination with audits between the Agency and their external auditors: Department of Children and Families Department of Economic Opportunity Department of Revenue Department of Transportation Department of Highway Safety and Motor Vehicles Department of Health As part of the customers external audit coordinations, the inspector general provides initial responses and remediation updates. During the 2016-2017 fiscal year, the inspector general coordinated updates to over 300 issues, security control settings, findings, and recommendations. Research and Analysis for Legislative Session During the 2017 Legislative Session, Agency executive staff requested the inspector general to provide an analysis and comparison of similar audit findings issued by the Auditor General to the State Data Center and other state agencies. The analysis was used as information during discussions with legislators and their staff. Annual and Long-term Work Plans Section 20.055(5)(i), Florida Statutes, requires that annual and long-term audit plans be developed based on the findings of periodic risk assessments. The purpose of developing the Annual Work Plan is to identify, select, and plan the allocation of resources for the upcoming year, based on the assessment. The overriding consideration during the development of the annual plan is to provide the greatest benefit to the Agency with the OIG s very limited resources. Annual Work Plan State CIO Larson approved the Annual Work Plan, on September 25, 2017. The 2080 hours available for the fiscal year are allocated in the chart as follows: S-1718-16 Page 8

Work Plan for Fiscal Year 2017-2018 Audit Activities Hours ISO/IEC 20000 Internal Review 100 Continuity of Operations Planning Audit (Continuation from last year) 90 Contract Management Audit 120 Performance Measure Review 10 External Audit Coordination 220 Audit Follow-up Activities 225 Enterprise Projects (Requested by the Chief Inspector General) 200 Subtotal 965 Investigation Activities Hours Complaint Intake, Preliminary Inquiries, and Investigations 200 Internal Reports Hours Annual Risk Assessment and Work Plan for FY 2017-2018 50 Annual Risk Assessment and Work Plan for FY 2018-2019 40 Annual Report 30 Audit Charter Updates 10 Schedule IX Major Audit Findings and Recommendations 10 Quarterly Legislative Reporting 60 Subtotal 200 Office Management Hours Administrative Duties 250 Update Policies and Procedures 30 Public Records Requests 5 Subtotal 285 Training Hours Professional Training 60 Staff Development 10 Subtotal 70 Holiday and Leave Hours Annual Leave 176 Sick Leave 104 Holiday 80 Subtotal 360 Total Hours Available 2,080 S-1718-16 Page 9

Long-term Work Plan For fiscal years 2018-2019 and 2019-2020, the OIG plans to ensure that provided services will be of the most benefit to the Agency. The goal is to achieve and maintain an appropriate balance between audit, investigation, and other accountability activities. If the OIG continues to only have a single person, the OIG will continue to have 2,080 hours available for projects during the 2018-2019 and 2019-2020 fiscal years. Therefore, the OIG would expect to expend the available hours in the following activities: Long-term Work Plan Activity Hours Audit Activities 965 Investigation Activities 200 Internal Reports 200 Office Management 285 Training 70 Holiday and Leave 360 Total Available Hours 2,080 However, the long-term plans are subject to change based on the results of the periodic risk assessment and to be responsive to the concerns of both the State CIO and Chief Inspector General. S-1718-16 Page 10

2585 Shumard Oak Blvd. Tallahassee, Florida 32399 Office (850) 412-6022 http://www.ast.myflorida.com/inspectorgeneral.asp

2024 © financedocbox.com Privacy Policy | Terms of Service | Feedback